CISA has added CVE-2025-21042, a vulnerability affecting Samsung mobile devices, to its Known Exploited Vulnerabilities (KEV) catalog, and has ordered US federal civilian agencies to address it by the start of December. “This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise,” the Cybersecurity and Infrastructure Security Agency noted. In this particular case, the danger for federal agencies might be higher than usual, as … More →
The post CISA: Patch Samsung flaw exploited to deliver spyware (CVE-2025-21042) appeared first on Help Net Security.
Board-Ready Security Metrics That Actually Matter
TL;DR Board-ready security metrics translate technical capabilities into financial risk and business outcomes. Boards need visibility across three dimensions: risk exposure, incident response capability, and
